Title :
Intrusion Alerts Correlation Model Based on XSWRL Ontology
Author :
Li, Wan ; Zhu, Yan ; Tian, ShengFeng
Author_Institution :
Sch. of Comput. & Inf. Technol., Beijing Jiaotong Univ., Beijing
Abstract :
We propose a hierarchical compound alert correlation knowledge model that combines the prerequisites and consequences of attacks with predefined attack scenarios, and introduces a hierarchy so that security information can be viewed at different levels. The model comprises basic concepts and relationships extracted from attack knowledge. We then propose an alert correlation ontology frame that is based on this hierarchical compound alert correlation knowledge model; some basic classes and properties are defined in the ontology frame. By extending those basic classes and properties according to attack scenarios, we obtain a practical alert correlation ontology knowledge base. Finally, we illustrate how to represent our hierarchical compound alert correlation knowledge model using our XSWRL ontology.
Keywords :
ontologies (artificial intelligence); security of data; XSWRL ontology; correlation knowledge model; intrusion alerts correlation model; Application software; Computer security; Data mining; Information security; Information technology; Intrusion detection; OWL; Ontologies; Semantic Web; Taxonomy; alerts correlation; intrusion detection; knowledge model; ontology;
Conference_Title :
Intelligent Information Technology Application, 2008. IITA '08. Second International Symposium on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3497-8
DOI :
10.1109/IITA.2008.412